Dealing with Cryptowall virus: Back up computer, be careful where you click

A variant of the notorious Cryptolocker computer virus has taken its toll on Windows servers around campus, and computer users at Eastern are being urged to exercise care when connecting to Internet sites and downloading data, in order to prevent infections.

The Cryptowall virus has infected three servers since summer, said Information Technology Services’ Assistant Director of Information Security Mike Gioia.

Cryptowall, like Cryptolocker, is a Trojan Horse that encrypts the files in a computer’s hard drive and makes them inaccessible and unusable unless a monetary ransom is paid to the perpetrators to unlock them. But while Cryptolocker could sometimes be partially circumvented, there are no IT tools available to undo the damage caused by Cryptowall, said Gioia.

Three Windows servers on campus were infected during July, September and October, though the infections were only discovered in the past month.

The virus can be encountered or spread by opening infected email attachments and navigating to bogus websites that have been set up by criminal groups and individuals trying to infect victims’ computers and extort money from them. It also can be spread through “malvertising,” in which legitimate online advertisements are turned into vectors of the virus and merely clicking on them can contaminate a victim’s computer.

“The most effective thing to do to protect yourself is to back up your computer files regularly,” Gioia said. “That way, if you are infected, you can just reformat (wipe clean) your computer and rescue all your files from your backup.”

Unfortunately, Cryptowall can sometimes infect the deepest portions of a computer’s operating system, so that even obliterating every file will not expunge it and it may return to cause more problems. The infection also can spread from the host computer to any shared drive connected to it, such as network and thumb drives, as well as programs such as Dropbox.

The most important preventative is to be wary of websites you visit and links you click.

“Make sure your computer is up to date with antivirus software and that the operating system is patched and up to date,” Gioia said. “Make sure you are visiting legitimate websites, are downloading legitimate software and be careful with email attachments you are opening.”


